Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties

ABSTRACT

Biometric data are obtained from a biometric sensor on a mobile device, containing an ASIC, which is connected to or incorporated within it. The mobile device and ASIC, in combination or individually, capture biometric samples, extract biometric features and match them to a locally stored, encrypted template. For extra security, the biometric matching may be enhanced by the use of an entered PIN. The biometric template and other sensitive data are encrypted using hardware elements of the mobile device and ASIC, together with a PIN hash. A stored obfuscated Password is de-obfuscated and released to the mobile device authentication mechanism in response to a successfully decrypted template and matching biometric sample. A different de-obfuscated password may be released to authenticate the user to a remote computer and to encrypt data in transit. The system eliminates the need for the user to remember and enter complex passwords on the mobile device.

RELATED APPLICATION DATA

This Application is a Continuation-in-Part of U.S. patent applicationSer. No. 12/931,340, filed on Jan. 31, 2011, (now U.S. Pat. No.8,842,887) which was a Continuation in Part of U.S. patent applicationSer. No. 12/627,413 filed on Nov. 30, 2009, (now U.S. Pat. No.7,916,907) which was a continuation of application Ser. No. 11/151,412,filed on Jun. 14, 2005, now abandoned. The Application claims thebenefit of Provisional Application No. 61/851,884, filed on Mar. 15,2013. Application Ser. No. 12/931,340 claims the benefit of ProvisionalApplication No. 61/456,901, filed on Nov. 15, 2010 and Application No.11/151,412 claims the benefit of Provisional Application No. 60/579,422filed on Jun. 14, 2004.

BACKGROUND TO THE INVENTION

With the introduction of Bring Your Own Device (BYOD) policies intocorporate and government enterprises, there is much concern aboutwhether the device user is in fact the device owner, or authorized user,and whether the user has permission to access and manipulate enterprisedata (from an enterprise server) held on the device. This same concernis present in mobile payment systems, where there are more and morecases of fraudulent card use and identity theft, which cost the banksand the consumer billions of dollars annually. These are very realisticconcerns since about 5% of mobile devices and personal digitalassistants (PDA's) are lost or stolen each year and counterfeit cards,created from illegally obtained, large lists of existing card numbers,are being used to defraud banks and the consumer. Many of the mobiledevices and payment cards are not protected from fraudulent use by anymethod which would meet the requirements of a security-consciousorganization. If the enterprise insists upon the user protecting thedevice (and access to the enterprise server) with a complex, changingpassword, the user resists this because of the difficulty of rememberingand entering the password. If the device is protected by just a 4-digitPIN, this can be easily hacked in less than a minute or two, with abrute force attack. Many devices are not protected at all and the mobiledevice or payment card, falling into wrong hands can be a personal orcorporate disaster or both.

Increasingly now, payment systems involve a mobile device or a POSterminal with electronic signature capture and may involve an integratedcircuit payment card to “identify” the user. However in the event thecard is a counterfeit copy or if it or the mobile device has been lostor stolen, a PIN, on its own, provides little defense.

Software solutions, based upon biometrics and other methods, do notnecessarily solve the problem, since mobile device and POS terminalsoftware can be changed by malware introduced by nefarious entities.

This invention solves the problems of:

-   -   1) Tying the user to a mobile device or Integrated Circuit card        with a very high probability    -   2) Asserting a trusted mobile device ID or Payment card ID using        hardware elements of the mobile device, an ASIC or IC component    -   3) Releasing trusted credentials or an authentic signature to a        relying party    -   4) Providing strong encryption for data at rest and in transit    -   5) Providing tamper-proof software applications.

The invention addresses the implementation of hardware rooted mobiledevice ID generation and user identity verification, through biometricmeans incorporated into the Mobile Device itself, or into an ApplicationSpecific Integrated Circuit (ASIC) device, on or connected mobiledevice. It can also be applied to the integrated circuit of an IC chipcard integrated into or connected to a stand-alone computer. Thefunctions are accompanied by software signing techniques with a localbiometric template, and data encryption to help ensure a secureoperating environment for the mobile device or IC payment card. Thestand-alone computer may be a POS terminal with an integrated IC cardreader and signature capture capability, or a consumer mobile device.

The following description extracts salient parts of U.S. patentapplication Ser. No. 12/931,340, and adds to it new and improved aspectsto create this Application.

FIELD OF INVENTION

The invention described herein is related to using biometric datasamples, user knowledge of secret numbers, device hardware ID data andencryption in a cooperative manner to authenticate users of mobiledevices, stand-alone computer users and users of integrated circuitcards, to enable storage of secure encrypted biometric templates and toprovide the basis for them to be accepted as trusted devices to local orremote computers or servers without the need for the user to rememberand enter complex passwords. Biometrics can be used in a local (to themobile device) context, where the biometric template is held locally.Alternatively they can be used for remote authentication where theBiometric template is held on a server. In this latter case there is aNational and International Standard for the exchange of biometric dataas described in the Common Biometric Exchange File Format (CBEFF)standard. The term mobile device in this specification refers to anystand-alone computer that is generally used in a portable manner and theterms mobile device and stand-alone computer are used interchangeably.

The invention is described in the context of biometric data, andparticularly signature/sign data, which is rotated to a consistent angleof inclination prior to feature extraction according to the patentapplication Ser. No. 12/627,413—now U.S. Pat. No. 7,916,907 and isapplicable to any image-based biometric modality.

The invention combines the use of biometrics and a PIN to releasecomplex passwords, with a hardware root of trust based upon an ASICcontained within the mobile device, or based upon the hardwarecharacteristics of the mobile device itself, to provide authenticationof and secure access for mobile device users to mobile devices, securenetworks and enterprise servers. It is also used to identify users ofIntegrated Circuit Payment Cards. It uses the complex passwords, basedon hardware roots, to generate strong encryption keys to protect themobile device data and the biometric template, which is used toauthenticate the user against a biometric sample submitted on the mobiledevice or stand-alone computer. This is achieved by using a specialsensor on the mobile device or stand-alone computer, or capturing userinput from already existing mobile device or stand-alone computerhardware, such as a screen digitizer (with a stylus or a finger input),or perhaps a mouse, camera, microphone or finger-print sensor.

DESCRIPTION OF PRIOR ART

This invention is an improvement over software based solutions, whichcan be compromised by malware, especially on mobile devices with opensource software. Beatson et al. in U.S. patent application Ser. No.12/931,340 (now U.S. Pat. No. 8,842,887) describes a strong method,which is predominantly a software solution, using a hardware root oftrust based on the mobile device UUID. The UUID is actually calculatedvia a software routine which can be compromised by malware introducedinto the mobile device or stand-alone computer software. The currentmethod further improves mobile device security

Most biometric systems rely on the existence of a remote biometrictemplate that is outside the immediate control of the user and could becompromised without the user being immediately aware of the fact. Thelocal template of this invention, held on the mobile device, the ASIC orthe IC chip of the payment card, puts the template control back in thehands of the user and thereby enhances the user's privacy as well asincreasing the overall security of the mobile device and the paymentcard system.

The Trusted Computer Group is developing a Mobile Device Module similarin function to the Trusted Platform Module (TPM) used in many computerstoday but the method does not include any definitive biometric solutionbased upon a local biometric template. The current invention will enablethe user to authenticate to the TPM by releasing a complex password toit. In addition the invention will combine all the necessary ingredientsto create a trusted mobile device system, adding significantly toexisting mobile device trust so that they can be used in a BYOD context,to connect to enterprise servers, improve the productivity of mobileworkers and help to reduce payment card fraud and identity theft.

Today, there are billions of mobile devices in operation, most of whichcontain much sensitive, private and/or confidential information which isat risk in the event the device is lost or stolen. Mobile devices inthis category include, but are not limited to Cell Phones, Smart phonesTablets, PDA's, laptops and other mobile devices. Following theintroduction of capacitive finger touch and stylus sensitivePoint-of-Sale (POS) terminals introduced in the early-mid 1990's whichcaptured the electronic signatures of customers, there has beenunprecedented growth in (finger) touch sensitive mobile devices sparkedby the introductions of the iPhone, Android-based mobile devices, theiPad and Windows Phone 7 and 8 which all use capacitive screens forfinger input. These mobile devices are very attractive consumer mobiledevices and consequently, there is more pressure than ever forEnterprises to allow them to connect to corporate networks, particularlyfor email and cell phone use, and for banks to allow them to be used ason-line payment instruments. Connection to corporate networks for otherpurposes than email is allowed by some enterprises, whereas otherenterprises choose not to allow such access because of the securityrisks involved—Is the mobile device user really the mobile device owner?The data accessible to these mobile device users (owners or not)contain, at least, highly confidential personal information, which couldbe used for financial payment card fraud, identity theft or for othernefarious purposes and, in other cases, confidential personal andcorporate data which could be highly detrimental to the corporate entityif it came into the public domain. For government workers and themilitary, if these mobile devices fall into enemy hands or into thehands of foreign Governments and they do not have suitable protectionthe mobile devices can be detrimental to National Security

Most of these mobile devices, if they are protected at all, rely uponthe submission of a password, or just a simple PIN to gain access to themobile device. The PIN, on its own, although relatively user friendly,is very insecure. It can be passed on, guessed, overseen at entry, oreasily generated through a brute force attack (an automated attack basedupon submitting sequential PIN values until the correct one is found). Afour digit PIN will succumb within a minute or two to this form ofattack. Depending upon the password, this too can be insecure for thesame reasons. If the password is sufficiently complex to providesufficient security (e.g. a regularly-changing, randomly-choseneight-character string consisting of lower case, upper case, numeric andspecial characters) the password becomes difficult to remember andenter, especially on small mobile devices and is very user unfriendly.As a result of the inherent lack of security associated with the mobiledevices many of them are not allowed to connect to their enterprisenetworks and this severely restricts their usefulness.

Over the last fifteen years or so and particularly since 9/11 there hascome a realization that authentication systems based upon password entryat the keyboard or on the device are particularly vulnerable tounauthorized and unfettered access from many different sources and areparticularly user-unfriendly. This despite increasingly sophisticatedencryption methods and algorithms. The science of Biometrics promotesthe capture of samples of biological properties or behavioralcharacteristics of individuals and extracts measurable features from thesamples to be compared with stored templates. The science has made muchprogress in the last few years and there are now many such systems insitu protecting access to physical and logical assets by ensuring thataccess rights are granted only to authentic individuals and denied toimposters. Image-based biometric systems, which use Fingerprint and Palmpatterns, Face and Iris patterns, Hand Geometry and Vein analysis, etc.,are all in use or under current development. Dynamic or behavioralbiometric systems, which introduce the dimension of time into the sampleanalysis rely upon the submission of stylus or finger-based Signs orSignatures and Voice or Keystroke patterns and are also being used forsimilar applications. The behavioral biometric technologies have severaladvantages over systems based purely upon physiological imagingtechnologies. For example, they offer the possibility of user-chosen,secret-based templates preserving privacy, increasing performance andallowing template revocation and replacement in the event of compromise.

This invention relies upon a means of obfuscating a password, storing itand protecting it in such a way as to make it extremely difficult toextract. This password is then used to generate symmetrical encryptionkeys to protect the template and other data at rest (DAR) on the mobiledevice.

One of the major issues in using biometric systems for protecting accessto mobile devices has been the problem of protecting a local biometrictemplate from being extracted from the mobile device in the event of itsloss or theft. If a password based encryption key is used then thesystem access is again reliant upon the entered password. One of theinherent properties of biometric samples is that successive samples fromthe same user are never the same, although they might be very similar,especially in the case of image based biometric samples. Consequentlythe sample cannot be used to generate a constant encryption key withoutsome degradation of performance of the overall biometric system.

References associated with the parent of this Continuation-in-Partapplication have discussed other systems that attempt to do this andthere have been other systems and patents also trying to accomplish thedifficult task of successfully obfuscating passwords. TransactionSecurity, Inc., Beatson & Kelty, in 2003, developed an unpatentedsystem, called PDA-Protect®, which was beta-tested by Microsoft. Thiswas documented in a Press Release dated May 27, 2003 entitled“Transaction Security, Inc. Unveils Crypto-Sign™ Biometric Software forThe Mobile Workforce”.

See: www.crypto-sign.com/Crypto-Sign %20Press %20Release5_(—)12-pp .pdf.This was a very early prototype and, although it released an obfuscatedpassword, it did not protect it or the biometric template fully.Johansson et al. in U.S. application Ser. No. 10/990,798 (filed Nov. 17,2004) proposes an asymmetrical key pair approach but this makes theencryption computing and key management very burdensome. The currentinvention advocates a system that relies upon a symmetrical encryptionprocess such as the Advanced Encryption Standard and key definition andmanagement is an important aspect of the process.

In addition the current invention advocates a solution incorporated intoan IC chip, which uses a Chip ID rooted in the Chip hardware, which canbe used to securely store an electronic representation of the user'ssignature as well as the biometric template. It also contains codeincorporated in the IC Chip, to provide a biometric matching capabilityfor signatures submitted on POS terminals. An IC Card-based signaturesystem was proposed in 1996 (by two of the current authors of thisapplication) in U.S. Pat. No. 5,892,824. However that system relied uponthe release to the POS terminal of the biometric template and this wouldbe considered insecure today.

This application proposes a system and methods to:

a) Securely authenticate the user to the mobile device by automaticallyreleasing a password to the mobile device authentication system inresponse to a matched biometric sample and a correct PIN.

b) Authenticate the user and the mobile device to a remote computer orserver to provide a trusted mobile device system.

c) Remove the need for the user to remember and enter complex passwords,whilst retaining the benefits of complex password infrastructure forauthentication and encryption.

d) Encrypt the biometric template and other data on the mobile device orpayment card IC chip without the need to enter a complex password.

e) Automatically generate strong encryption keys for mobile device dataand template encryption and to protect secure data communicationsbetween the mobile device and a server.

f) Release trusted credentials, including electronic signatures, toprovide proof of authorship for transactions and electronic documents,especially for Point of Sale transactions

SUMMARY OF THE INVENTION

The system and methods described in this Patent Application use atechnique for combining a numeric PIN, hardware components of a mobiledevice or of an ASIC incorporated within the mobile device or connectedto it. A similar technique can be incorporated within the integratedcircuit of an IC card chip. They use an obfuscated, user-chosen (orimposed) complex, secure password with a biometric sample, in a way thatprovides secure and user-friendly access to these types of mobiledevices and also provides for secure template and data encryption, allwithout the need to remember or enter a complex password. This secure,user-friendly method releases the required password to the mobile deviceauthentication process or the network authentication process once acorrect PIN and biometric sample are submitted and does so without theneed for the complex password to be entered or remembered for eachtransaction. The method further provides the mobile device/user withtrusted status to a remote computer. Consequently it could open upcomprehensive, secure and user-friendly use of mobile devices andintegrated circuit cards to enterprises and mobile payment applicationswith all the attendant significant security and productivity benefits.

Most mobile devices offer an optional or mandatory power-up passwordauthentication process as part of the operating system to protectaccess. The present invention harnesses the power-up passwordauthentication process but, instead of requiring entry of the password,it is generated by the mobile device each time after a successfulentry/supply of the PIN and a successful match of a biometric sample tothe template stored on the mobile device. The method first uses a oneway hashed value of the PIN combined with a stored value of theobfuscated password (obfuscated using a function of the mobile device orASIC hardware components and the PIN hash together with a reversiblealgorithm) to generate a key to decrypt (and encrypt) the biometrictemplate.

The biometric sample is captured, followed, where required by the PIN,which may be entered by the user (for higher security) or generated bythe mobile device software. The features extracted from the biometricsample are provided to the matching process along with the decryptedbiometric template. The obfuscated password, a function of the PIN hash,certain hardware components of the ASIC, and the Password itself, areused both in the generation of the template encryption/decryption keyand in the generation of the password required by the authenticationsystem to provide access. If there is a good biometric match, thepassword is generated by de-obfuscating the stored obfuscated Passwordand passing it to the authentication process. Thus the de-obfuscationprocess and hence the password release (or the private key release)requires, as well as a successful biometric match, a successfulsubmission of the correct PIN, either from a PIN entry screen, (ifrequired by the owner's security policy) or from the generation of a PINrooted in the mobile device, ASIC or IC card chip hardware components.

The method demands successful submission of the PIN to the system and agood biometric sample, which work together to unlock the mobile device.If the PIN is supplied incorrectly the template decryption key will bewrong and the clear template will be gibberish. If the biometric sampleis submitted incorrectly, there will be no match to the template. Boththe template encryption/decryption key and the de-obfuscated passwordare functions of PIN-generated data, supplied on a transaction bytransaction basis, as well as mobile device, ASIC or IC card hardwarecomponents and the original chosen (or imposed) password. An imposterwould not be able to test first for the correct PIN and then for thecorrect biometric sample (or vice-versa) since both components must beentered sequentially on each occasion without knowledge of whethereither one is correct. Consequently the method provides good protectionagainst brute force attacks. Millions of biometric samples/PINcombinations would have to be submitted to find a correct one andbecause a biometric sample is required on each occasion this becomestotally impractical. Yet the process is still very user friendly sinceall it requires is the entry of a PIN and a biometric sample, or just abiometric sample alone. It does not require that the user remember orenter a complex password. The generated password can be used later asthe basis for data encryption/decryption on the mobile device and fornetwork communication and encryption using the secure socket layer in aPKI-based system. In this manner the mobile device may be recognized asa trusted mobile device by an authentication server or a remote computerand may be extended to cover the case where the mobile device is beingused to gain access via a server, to a central data-base. Some of themethodology described in this application is described in US PatentApplication Publication numbered 20030056100 authored by one of thecurrent inventors and this document is incorporated herein by reference.Some of the concepts described herein can be adapted to the use of an IC(smart) card presented to an IC card reader with an integrated biometricsensor device that might be used, for example at point of sale. Here,biometric feature data generated, by the stand-alone computer containingthe IC card reader (POS terminal), which could also be a mobile device,e.g. a tablet with an IC Card reader, could be captured and compared(using the IC chip processor) to the template stored securely in the ICchip memory. A successful PIN and biometric sample could then releasethe user's authentic signature or some other credential, indicative ofend-user authentication, to a remote computer system.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 describes the components of an exemplary mobile device system andassociated ASIC so that they work together to provide the necessaryfunctions for a trusted mobile device with a local biometric template.

FIG. 2 shows the Registration and Enrollment logic to help provide thenecessary functions for a trusted mobile device with a local biometrictemplate.

FIG. 3 shows the User Authentication and Encryption logic of a trustedmobile device with a local biometric template.

FIG. 4 shows the wider use of a trusted mobile device incorporating theinvention.

DESCRIPTION OF PREFERRED EMBODIMENTS

In the following description, reference will be made particularly toSignature/Sign biometric data, which may be entered onto a mobile deviceor POS terminal screen, as may a PIN. It will be very apparent that thebiometric modality could be, for instance, instead of signature/sign, afingerprint using a fingerprint sensor, a facial image, using a devicecamera or an iris image using an iris camera on the device, or indeedany other image based biometric data generated on the device from asuitable sensor.

Referring now to FIG. 1, System 100 shows the components andfunctionality of an exemplary mobile system configuration in simplifiedform for implementing the present invention. It is to be understood thatthe unit components illustrated in System 100 may be activated by themobile device processor and associated OS, with application code (106)using the data in Data Storage area (121) or by the self contained ASICcomponents (107-120). System 100 incorporates a processor, withoperating system and application code (106) and a data storage area(121) for both encrypted and unencrypted data, used for various mobiledevice applications. The input devices (101, 102, 103 and 104) aredriven and handled by the Device Handler Software (105). This softwareis signed with a specific authentication value, which is passed to andchecked by the ASIC device processor (107) using the Software CodeSigner and Signature Checker (120) prior to each activation. TheBiometric Input Sensor (101) could be a fingerprint sensor, an iriscamera or a face camera or another biometric device, such as amicrophone, integrated into the mobile device. In this embodiment theSignature/Sign Input Screen (102) is used to capture a signature/signbiometric sample and also to capture an authentic electronic signatureof the mobile system user. The biometric input data, from signature/signscreen (102), then passes to ASIC processor (107), where it is processedaccording to the Code in the ASIC Code Storage Unit (112). It is to beunderstood that, in an alternative embodiment, it is possible for themobile device to contain all the functionality of the ASIC, in whichcase the ASIC would not be a necessary component of System 100. In thisembodiment we describe System 100 as ASIC-based.

Signature/sign biometric data are captured via the signature/sign inputscreen (102), pixelated and transformed to a consistent angle ofinclination by the ASIC-based Pixelator & Transformer software (113).The PIN Input Screen (103) provides PIN input where required and thePassword Input Screen (104) provides Password input for the registrationand enrollment phase. The ASIC Code Storage Unit (112) contains othersoftware functionality modules (114, 115, 116, 117, 119 and 120). Thesemodules, which might, alternatively, be contained in the mobile deviceapplication code storage area (106), operate to implement the methodsdescribed later for providing secure access to the mobile device using acombination of PIN and biometric sample without the need to remember orenter a Password. The Code Storage Unit (112) contains a Key Generatorand Encryptor module, which is responsible for key generation, hashingand encryption/decryption. System 100 contains the Non-Volatile DataStorage area (108) and, in particular, Configuration & Parameter data,encrypted with a key generated from the H/W Root Generator (115) andEncrypted Biometric Template and Credential data (110) including arepresentation of the authentic signature of the device owner. The datain (110) are encrypted using module (116) and a key generated from theobfuscated password (111), the Hardware Root, generated by Hardware RootGenerator (115) and the PIN hash, generated from the PIN entry, data orautomatically by the PIN Generator (114) The non-volatile storage area(108) also provides for the storage of other sensitive (chosen by theenterprise or the user) mobile device data and encrypted with the samekey as the biometric template. This embodiment describes an electronicrepresentation of the owner's authentic signature as the credential ofchoice and this is stored in encrypted form with the encrypted biometrictemplate in (110). Non Volatile storage area 108 also contains anobfuscated password (111) and the way in which this is obfuscated by thePassword Obfuscator/De-obfuscator is described later. Storage area (108)contains configuration and parameter data (109) which is used tocustomize the System to Enterprise and User requirements. The EncryptedCommunications System 122 provides a secure link, via a public orprivate network system, to a Local or Remote Computer System or Server124, which could also be contained within the Cloud Network System 123,as opposed to existing as a separate physical entity outside the Cloud.

Turning now to FIG. 2, we see a depiction of the registration andenrollment process for establishing a protected local biometrictemplate, with PIN input, which eliminates the need to enter complexpasswords for authentication.

After power up (201) a Mutual Authentication process (202) between theASIC and the mobile device takes place to enable the ASIC module and theMobile Device to trust each other. The mutual authentication process canbe one of a number of well-known processes and is not specified in thisApplication.

The registration and enrollment process sets up the mobile device anduser for seamless operation during a user/mobile device/relying partyauthentication process—see later. The steps in FIG. 2 consist of:

-   -   a) After Mutual device Authentication, the user must first gain        access to the Mobile device, typically through a special        Password Authentication procedure (203), and installs the        software (204) to drive the processes described in the        invention.    -   b) The user chooses at least one specific sign (secret sign or        signature) and enters, for each one, a set of biometric        signature/sign samples (205), with either a stylus or finger and        these are used to form the initial biometric templates. Again it        should be emphasized that a different biometric modality than        signature/sign could used, in conjunction with or separate from        signature/sign    -   c) After transforming the biometric data according to U.S. Pat.        No. 7,916,907, and extracting the biometric features, various        in-built tests are conducted on the data to ensure consistency        and a sufficient level of complexity before forming the initial        templates (206). This process is described later.    -   d) After initial template formation the user practices        verification (207) and (208) until satisfied that access can be        gained easily. Operations (205) to (208) are undertaken by the        Biometric Enroller module (118)    -   e) In box 209, the user is then prompted to decide whether to        utilize an automatic PIN submission process or a PIN entry        process via the PIN Input Screen (103). The choice determines        whether the system requires PIN entry, for higher assurance and        security, or whether no PIN entry is required so that the        authentication process uses the PIN Generator part of the PIN        Generator/Hasher module (114) and, therefore, relies purely on        the submitted biometric information.    -   f) A PIN hash is calculated, using module (114) and a value        rooted in the hardware of the ASIC or the mobile device (211) is        calculated using module (115)    -   g) Choose and enter one or more complex passwords (212) that        will be used for both user/device authentication and for        deriving encryption keys. More than one key may be required (for        device unlock and for network/website access control). Password        policy and complexity tests defined by enterprise security        requirements will be carried out prior to accepting the        passwords.    -   h) The password is obfuscated (213) using the PIN hash and a        value rooted in the hardware of the ASIC or mobile        Device—calculated as operation (211) and using the Password        Obfuscator/De-Obfuscator module). This is followed by        calculating the encryption key (213) with which to encrypt the        biometric template and the authentic signature data using the        Key Generator and Encryptor module (116). These calculations are        described later.    -   i) Choose and enter a quality authentic electronic signature        (214), with an ink-on paper look. Several attempts may be        required and the user is prompted to accept or re-sign after        each attempt until a quality signature is attained. This        signature will be the one released to future signature-bearing        transactions. The format is a set of sequential (x,y) data and        these data will be stored with the updated biometric template        from process (208) in encrypted storage area (110). It is        possible for styli that provide pressure values to use this to        provide variations in the thickness of the stroke but the        process does not rely on these data being available. Other        credentials, typically required for secure transactions may be        included at this stage at the user's discretion. These may, for        example, be answers to typical questions asked to verify        identity when passwords are forgotten, although with this        invention that will be a rarity, since the probability of the        system to mis-verify the correct owner is very low, especially        when more than one attempt is allowed by the Enterprise/User        policy. In this embodiment we proceed as follows:    -   j) The authentic signature, credential data and the biometric        templates are then encrypted (215) and stored in the encrypted        storage area of the ASIC (or the mobile device). At this stage        the clear template data and the PIN # are deleted. A second        complex password can be used in the same manner to generate        encrypted data for the Encrypted Communication System (122) to        communicate securely with a local or remote computer, which        might, for instance, be a corporate network server or a secure        Web service.    -   k) The system relies on certain configuration and parameter        settings determined by Enterprise security policy and the        parameters are set at this time (216-217) and stored in        encrypted form in the Encrypted Storage area of the ASIC (109)        or mobile device    -   l) The operations and processes 205-217 are included in the ASIC        functional Code modules (113-119)    -   m) Finally, when the user is satisfied with the process (s)he        enables the biometric test (218)

Turning now to FIG. 3, we describe the authentication process. Afterpower-up (201), mutual device authentication (202) between the MobileDevice and the ASIC takes place. Process (202) uses one of a number ofexisting cryptographic methods to accomplish full trust between the ASICand the Mobile Device and is not specified here. The user authenticationprocess uses a biometric sample from the user, together with PIN entry(or PIN generation) as follows:

First of all in process (301) the Configuration and Parameter Data (109)is decrypted and System 100 is initialized. At this stage the encryptionkey for the decryption/encryption process cannot be tied to user inputso it is generated from a function of the obfuscated password (111) andthe ASIC Hardware Root using a symmetrical encryption algorithm such asthe AES. The process then continues as follows:

-   -   a) Process (302)—Capture the biometric sample, transform the        sample data according to U.S. Pat. No. 7,916,907, extract the        biometric features (see later) and store them temporarily    -   b) Process (303)—Capture the PIN entry data or generate a PIN        from a function of the hardware root (see later). If the PIN is        generated automatically the system relies purely upon the        biometric test for authentication. This may be deemed        sufficiently secure for some mobile devices and applications but        the use of an entered PIN bolsters security substantially and,        in conjunction with the biometric test, very much reduces the        effectiveness of a brute force attack.    -   c) Process (304)—Calculate the hardware root and then the        biometric template decryption and encryption key (see later) as        a function of the obfuscated password, the hardware root and the        PIN hash. Decrypt the biometric template(s).    -   d) Process (305)—Match the feature values extracted from Process        (302) to the decrypted template(s) from Process (304). See later        for the matching calculations. If the PIN is entered incorrectly        the biometric templates will not decrypt sensibly and there will        be no match. If the biometric sample features are substantially        different from the template values, there will, again, be no        match. If the biometric features match either of the templates,        we proceed as follows    -   e) Process (307)—De-obfuscate the password using a function of        the hardware root and the PIN hash—see later for the        calculation. Responsive to a good match (306) between the        biometric sample features and the biometric template(s), release        the password to the mobile device authentication system.    -   f) Process (308)—The encryption key is calculated in the same        manner as in (304) and the biometric template is updated as a        result of the most recent successful sample (see later for this        calculation). It is encrypted and stored in storage area (110).        If the biometric features match both templates, the template        providing the better match is the one to be updated.    -   g) Processes (309 and 310). The previous biometric template is        deleted and Normal Processing now takes place. This could        involve the invocation of the same biometric authentication and        encryption processes, depending upon the chosen application.        FIG. 4 describes relevant applications for which these processes        might be applied.    -   h) Process (311)—In the event of a non-match in Process (306),        Failure Action, determined by policy, established by the        Enterprise and/or the User, will be implemented. This might        range from requesting another attempt by the User to        authenticate to wiping the device of all (or all unencrypted)        data.

Turning now to FIG. 4, a similar process is used to:

-   -   a) Encrypt and protect mobile device data at rest (312)    -   b) Release a password for Network or Web Service authentication        (313)    -   c) Provide a trusted signature or other credentials that might        be used in financial transactions and other signature-bearing        transactions e.g. in Payment card systems, Healthcare and        Contractual agreements (314)    -   d) Unlock a protected Software Applications (315)

Irrespective of which application is requested, the first action is toinvoke the authentication processes where the user provides input datato the System (302 and 303). This is followed by generating the hardwareroot (316) which is used, in conjunction with the user generated inputdata to carry out the operations in process (317). Process (317) willuse the System 100 ASIC (or equivalent mobile device) components(111,114, 116 and 119). Following this, the biometric sample from (302)is compared to the decrypted template from (317) and, if the match isgood, the old template is updated to form the new template, which isencrypted (318) using (116) and stored in (110). Following this theselected software application (319, 320, 321 or 322) will launch. Againthese processes will use the System 100 component (116, 117 119).Appropriate software code, as determined by security policy, will besigned and checked by process (120)

In the following calculations and descriptions, reference will be madeparticularly to Signature/Sign biometric data, which may be entered ontothe screen of a POS terminal, or on the screen of a mobile device, asmay a PIN. It will be very apparent that the biometric modality, insteadof signature/sign, could be, for instance a fingerprint image, using aspecial sensor, a facial image, using a mobile device camera or an irisimage using an iris camera on the POS terminal or mobile device, orindeed any other image based biometric data generated on the mobiledevice from a suitable sensor, e.g. fingerprint data using a fingerprintsensor. These systems operate in a manner, described later, to provide atrusted link between the user, the standalone computer and a local orremote computer.

Detailed Calculations

Again referring to FIG. 2, in an exemplary system, after mutual deviceauthentication between the ASIC and the Mobile Device (203), and thesoftware installation (204) biometric data from the sensor is capturedusing the mobile device user interface and device software handlers.These subsystems will be controlled by the ASIC or Mutual DeviceProcessor using code from the ASIC or Mobile Device Code Storage Units,which will also first check the signed code of the user interface andhandlers. The samples will be captured and pixelated and will betransformed to a consistent angle of inclination by applying one of twoquadratic equations that involve a ratio of (X,Y) pixel positionvariances and a covariance of pixel positions in the X and Y planes. Theresulting transformed (x,y) coordinates are invariant to the originalangle of submission of the biometric sample. Following this thetransformed data may be further rotated based upon applying a rotationcalculated from the tangent of a line of regression calculated on therotated data. Although the system may choose to use one or the other oftwo possible quadratic equations for the initial rotation, the equationchosen in this exemplary system defines the transformation angle throughwhich to rotate the original X,Y axes as: Tan⁻¹(M), where:M=[2ra+ or −Sqrt(4r ² a ² +a ⁴−2a ²+1)]/(a ²−1)

-   -   and where a=Sqrt[V(X)/V(Y)] with V(X) and V(Y) being the well        known definitions of the variance of the (X,Y) pixel positions    -   and where r is the well known definition of the correlation        coefficient of the (X,Y) pixel positions.

Where a approximates 1, the value of |M| may become very large and forthis reason it is advisable to limit the value. A value of 10,000 worksrelatively well.

Although both the positive and the negative square roots of the equationwill achieve the desired effect, they will provide different rotationsolutions. There is no particular advantage to choosing one over theother and the negative square root option will be assumed. This rotationwill always transform the original (X,Y) pixel positions to a consistentangle of inclination with respect to the rotated (x,y) axes. Thetransformed (x,y) data may then be further rotated through an anglecalculated as the angle between a line of regression through the (x,y)data and the x axis. The resulting image might then be morerepresentative of a natural angle of submission and is also correctedfor skew. The line of regression of choice may be that derived byminimizing the sum of the squared perpendicular distances from the (x,y)points to the line of regression and this is achieved by solving theequation: 2m³−m²(2r₁+1)+2m(r₁+1)−(2r₁+1)=0, for m. This equation is thecorrected equation in U.S. Pat. No. 7,916,907, where m is the tangent ofthe angle between the line of regression and the x axis and r₁ is thecorrelation coefficient of the (x,y) data and can be calculated as:r ₁ =[M(1−a ²)+(1−M ²)ra]/[a ²+2mra+M ²]

The combined rotational transformation angle can then be calculated fromthe original X,Y data by the well-known equation:M ₁=(M+m)/(1−Mm).

The final transformation may then be calculated by applying thefollowing transformation to the original X,Y axes to generate thefinally transformed (x,y) data from the original (X,Y) data:x=X cos w+Y sin wy=Y cos w−X sin w

where tan w=M₁

This transformation has a very significant beneficial effect on theconsistency of feature extraction thereafter and leads to asignificantly higher performance biometric system, with lower FalseReject and False Accept rates

The biometric data will then be used in a manner later described toprovide the elements of this invention. An exemplary system will now bedescribed within the context of the Signature/Sign modality butunderstanding that a similar system could be developed using anybiometric device integrated within the mobile device system. It willshow how, as well as providing for a secure, trusted and user-friendlyauthentication system, that an authentic signature can be released to anelectronic document or transaction and that it could be used forextremely accurate matching with the same authentic signature storedremotely in encrypted form.

Once a mobile device is trusted, or can release trusted data, it may beused in many different applications. In particular it can be used torelease an electronic representation of a user's authentic electronicsignature which can be appended to an electronic document to give thesignature an ink-on-paper look. The authentic electronic signature canthen be compared to that stored in a remote computer (124) filecontaining user credentials and the match should be exact, or at leastvery close. In order to accomplish this, the biometric template isdesigned to house the authentic electronic signature itself, as well asbiometric template data. Since the authentic signature is stored withthe template it is always stored on the mobile device in encrypted formand communicated in encrypted form. It is clear that other UserCredentials, necessary for providing identity assurance to relyingparties could be stored securely in this manner.

Turning again to FIG. 2, the mobile device is used to register andenroll the user and initialize appropriate parameters of the system.After Power-up (201) and mutual ASIC/Mobile Device authentication (202)the mobile device will implement its normal Password Authenticationsystem (203) to allow the user to operate the mobile device normally.The user/owner now installs the authentication software and commencesthe registration & enrollment process. The user is prompted first toenroll his biometric template (206) on the mobile device by submitting anumber of separate biometric samples (205). The software determines whenenough enrollment samples have been submitted. The detailed method in aSignature/Sign context is described later. At this stage the user maypractice verification (207) by submitting samples against the enrolledtemplate until (s)he is comfortable with the process. The user thenchooses whether to require PIN entry or PIN generation (209) asdescribed later. The PIN is then entered or generated (210) and aone-way PIN hash is calculated and stored temporarily (211). The userthen enters a chosen or imposed password (212) which may be as complexas is required for the appropriate level of encryption security. Thepassword is obfuscated (213) as described later and stored on the mobiledevice. After the Authentic signature has been entered (214), thetemplate and authentic signature are then encrypted using a generatedkey (215), which is a function of the PIN hash, the obfuscated passwordand the hardware root as described later. The user then enters otherparameters and configuration data (216) and encrypts this using a keywhich is a function of only the hardware root and obfuscated password(217). The set-up parameters and configuration data are then storedsecurely in the ASIC (or the Mobile Device) and the user enables thebiometric test (218). The set-up parameters will be decrypted when it isnext powered up (using the key generated from the hardware-root andobfuscated password) and, following decryption, the mobile device willbe re-initialized ready for local user authentication as described below

Turning now to FIG. 3, we see the system flow when the invention is usedfor local authentication to protect access to the mobile device, and toencrypt the mobile device data at rest, including the biometric templateand authentic signature/credential. After Power-Up (201) MutualAuthentication (202) takes place between the ASIC and the Mobile Device.This is followed by process (301) where the encrypted system parametersand configuration data are decrypted using a key that is a function ofthe hardware root and obfuscated password. These decrypted data are thenused to initialize the Mobile Device for local authentication. Process(302) then captures the biometric sample, pixelates and transforms thesample data to a consistent angle of inclination according to U.S. Pat.No. 7,916,907, extracts the biometric features and stores themtemporarily. During this process, certain feature values—those notdependent upon the angle of submission—will also be calculated. Afterthe biometric sample has been captured, pixilated and transformed andthe biometric features are extracted, the PIN is either entered orgenerated (303) according to the user/enterprise decision defined in(209). The system is designed to provide a probability of less than1/1,000,000 of chance access when using an entered 4-digit numeric PINtogether with the biometric test. A much lower probability can beachieved if the PIN is four alpha-numeric characters but it is harderfor the users of small smart phone devices to provide alpha-numericinput. The method of using and generating the PIN is described later.Following this, the Hardware Root is calculated, the Template Decryptionkey is generated the Template is decrypted (304). Again the calculationsare described later. The biometric features are then matched to thedecrypted template (305) and if the match is good (306) passwordde-obfuscation takes place and the password is submitted to the passwordauthentication process. (307). These methods are also described in moredetail later. Thereafter, in process (308) the encryption key isgenerated and the template is decrypted, updated as a result of the mostrecent successful sample, encrypted and stored in the encrypted datastorage area (110). The old template is now deleted (309). Failure tomatch during process (306) will result in an appropriate failure action(311) as determined by Enterprise/User policy Following this theoperation continues to normal processing (310)—see FIG. 4.

Again, turning to FIG. 4, once the user has authenticated to the MobileDevice as described in FIG. 3, the Mobile Device may be used inconjunction with a remote computer (124) in a trusted system where theremote computer uses the secure socket layer or a similar protocol usinga complex password released from the mobile device. The complex passwordfor authenticating to a local or remote computer or a secure web servicemay be different from that required for local authentication and theneed for a different password, will be determined by Enterprise policy.

Again turning to FIGS. 2 and 3 we will discuss the definitions of thecalculations and actions to be performed. First, defining the terms:

Let D be an automatically generated-hardware-rooted numeric mobiledevice ID used in the password obfuscation and de-obfuscation process.

Let P be the power-up password, which may be chosen or imposed, requiredby the mobile device.

Let P_(#) be a one-way hashed value of the password (used to generatekeys for the various encryption/decryption processes

Let PIN be the user chosen PIN or the generated PIN.

Let PIN_(#) be a one-way hashed value of the PIN used in theobfuscation/de-obfuscation process.

Let P_(Obf) be the Obfuscated Password used to calculate the password Pto be used in the local or remote password authentication systems.

Let T_(Clr) be the clear text biometric template used to match with thesubmitted biometric sample features.

Let T_(Key) be the symmetrical key used to encrypt/decrypt the biometrictemplate (215, 304, 308). The generation method is described later.

Let T_(Enc) be the encrypted biometric template using a symmetricencryption function such as the Advanced Encryption algorithm.

The following methods describe the calculation of the various terms andvariables used to implement the invention in this preferred embodiment.We will first choose a function f₁ such that:f ₁(D,P,PIN_(#))=P _(Obf) andf ₁ ⁻¹(D,PIN_(#) ,P _(Obf))=P

We then choose a second function f₂ such that:f ₂(P _(Obf),PIN_(#))=T _(Key)

It is clear that there are many functions which obey these properties Itis not the purpose of this specification to describe the exact function.There follows an example, using some values generated from these type offunctions to show how the process might work.

In generating D, the numeric mobile device ID used in the obfuscationand de-obfuscation processes, it is proposed to use a function of themobile device hardware. For this example we will proceed as follows:

-   -   i) Let us assume that D is generated as a large set of Hex.        values and let's assume, for simplicity, in this example, that        there are 12 Hex. values, e.g. 9BDF135702F6.    -   ii) Convert this to a numeric value by substituting the ASCII        decimal codes for each character. This would give        D=576668704951535548507054

In Calculating the Obfuscated Password P_(Obf), from P, D and PIN_(#),for use in authentication and encryption/decryption routines, we mightdefine f₁ in the following manner:

-   -   i) Assume a complex password (up to, say, 32 characters        depending upon enterprise security policy) has been chosen or        imposed. It might be something like: ! Space “$ +. ˜} {?R>4n    -   ii) Convert each character to its ASCII code and subtract from        128 retaining two numeric digits for each character (e.g. 5        would be denoted as 05)—call the result P_(nt) (Password Numeric        Transform)    -   iii) Generate D and capture or generate a Dummy PIN—see (v)        below    -   iv) Apply a one-way hash function to the PIN, generating (say) a        128 bit digest. Split this into 32 Hex characters and convert to        a 64-digit numeric value by substituting the two-integer ASCII        decimal codes for each Hex character. This is PIN_(#).    -   v) In the case where no PIN entry is required, in order to        retain program structure, we define a generated (Dummy) PIN        value by choosing 4 of the hardware device ID digits. There are        many, many permutations of 4 (or more) from 24 and the system        implementation will provide a customizable module to provide the        generated PIN and changes on a required basis.    -   vi) Add together the values for D, P_(nt) and PIN_(#) and store        this set of numeric digits securely as the obfuscated        password=P_(Obf)

P_(Obf) is set and stored on the mobile device at registration/biometricenrollment when the Password and PIN are set up (213). P_(Obf) willchange if the PIN or the Password is changed. Changing the PIN orPassword, or indeed the biometric template, will require submission ofthe old PIN and a successful biometric sample against the old template.It will not require user input of the old Password which can beautomatically generated by the system from the stored obfuscatedpassword and the PIN hash.

Even if the password is somehow exposed to an attacker, the only way toprovide it to the authentication system is by the submission of amatching biometric sample and a correct PIN using a sensor on the actualmobile device.

In calculating the Template Encryption/Decryption Key T_(Key) we definea function f₂ such that T_(Key)=f₂(P_(Obf), PIN_(#)). Suppose wegenerate T_(Key) by choosing f₂ as the sum of P_(Obf) and PIN_(#) usingthe 128 least significant bits. The key is generated each time thetemplate is encrypted or decrypted and never stored other thantemporarily. The key for encrypting/decrypting the Set-up parameter datawhich may be accessed by the system prior to the submission of the PINand biometric sample is generated using the generated PIN and P_(Obf).

In generating the Password (for authentication or encryption) byde-obfuscation of the obfuscated password we apply the inverse functionof f=f⁻¹ in the following manner:

-   -   i) Get P_(Obf)    -   ii) Generate D    -   iii) Capture PIN (or supply Dummy PIN) and generate PIN_(#)    -   iv) Subtract the sum of D and PIN_(#) from P_(Obf)    -   v) Subtract each successive set of two digits from 128. This is        P_(nt) and represents the ASCII decimal codes for the Password P        to be passed to the authentication process (for local or remote        authentication) only if the biometric matching is good.

In remote authentication the remote computer and the mobile device willperform mutual authentication. The remote computer will then knowwhether or not the mobile device is secured in this manner and assigntrusted status to it. The remote computer may then be authorized by themobile device to change the mobile device configuration and parameterdata according to enterprise security policy. If the mobile device doesnot respond to the server's request for mutual authentication, or if theuser cannot authenticate to the mobile device or if the mobile device isnot a legitimate ID, the server will undertake failure action and thiscould be as extreme as deleting all data from the mobile device.

FUNCTION DEFINITIONS f AND f⁻¹

In fact, as mentioned earlier, there are many ways to define thefunctions f and f⁻¹. Here is another embodiment, which might use theAdvanced Encryption Standard.

We will assume:

-   -   PDK—is the key used by the system at power up but prior to        authentication to decrypt the Parameter and Configuration data        PCD    -   EPCD—is the encrypted value of PCD    -   UBS—is a user biometric sample    -   BT—is the clear text biometric template created from biometric        samples.    -   TEK—is the biometric template encryption/decryption key.        -   f—is a symmetric encryption function as e.g. in the AES        -   f⁻¹—is the symmetric decryption function as in the AES    -   EBT—is the encrypted biometric template    -   CPW1—is a complex password for device unlock    -   CPW2—is a complex password for Network Access or for the SSL.

Different passwords for different purposes might be defined in thismanner and can be changed by the user without having to enter the oldpassword

-   -   HWR—is a unique device number rooted in the device hardware.    -   PIN—is a user-chosen PIN    -   PIN#—is a one-way hash of the PIN    -   OPW1—is the obfuscated password for device unlock    -   OPW2—is the obfuscated password for network access/SSL.    -   DAR—is sensitive device data at rest.

Then we define:

-   -   PDK=f(OPW1,HWR)—encrypted value of OPW1 using a key derived from        HWR    -   PCD=f⁻¹(EPCD,PDK) decrypted value of EPCD using the PDK key.    -   TEK=f(OPW1,HWR,PIN#)—encrypted value of OPW1 using a key derived        from HWR and PIN#    -   EBT=f(BT,TEK)—encrypted value of BT using TEK as the key    -   BT=f⁻¹(EBT,TEK)—decryption function for biometric template using        the TEK key    -   OPW1=f(CPW1,HWR,PIN#)    -   OPW2=f(CPW2,HWR,PIN#)

We can now compare the features extracted from the biometric sample withthe biometric template (BT) and if all is well, update the template,delete the old template, re-encrypt and store the new one and use thede-obfuscated password, CPW1, in the device authentication process.

-   -   OPW1 and OPW2 are de-obfuscated by:    -   CPW1=f⁻¹(PPW1,HWR,PIN#) where f⁻¹ is the symmetrical decryption        of OPW1 using the same key combination of HWR and PIN# as was        used to encrypt CPW1    -   CPW2=f⁻¹(PPW2,HWR,PIN#) may then be used for Network access        and/or as a single sign-on to various passwords used in the SSL.    -   DAR may be encrypted/decrypted using a key derived from CPW1        according to NIST SP 800-132 or it may use TEK.    -   At the end of the authentication/protected application session        the Parameter and Configuration data, PCD are again encrypted        using PDK so that:        EPCD=f(PCD,PDK)

The IC Card Identification Process

At physical point of sale, where the customer tenders an IC card, thefollowing similar process can be implemented using the signature/signmodality.

-   -   1) the IC card is entered into the IC card reader, which is        integrated into the point of sale (POS) terminal and the card        data are passed through to the retailer's merchant bank for        authorization.    -   2) The customer enters his signature onto the screen of the POS        terminal    -   3) The sign data are transformed by the POS terminal according        to U.S. Pat. No. 7,916,907, features are extracted and passed        securely to the IC chip. The IC chip decrypts the biometric        template and the authentic user signature, using a value rooted        in the IC chip hardware. The IC chip determines if the template        has been created or whether further signs are required to create        it.    -   4) If the template has been created, the IC chip matches the        sample features to the template and passes the result of the        match to the POS terminal, together with the authentic        electronic signature of the IC card owner.    -   5) If the template has not been created the IC chip passes just        the authentic electronic signature of the card owner to the POS        terminal.    -   6) The POS sales associate uses the card authorization result,        the result of the biometric test, the appearance of the        submitted signature and the appearance of the card owner's        signature to determine whether the user of the card is indeed        the card owner. If there is some doubt, the POS sales associate        may decide to ask for further identification. The POS sales        associate is the final arbiter of the whether to accept or        decline the transaction.

A process, similar in concept to this, was described at the 1996 SmartCard Conference in London, UK and the 1996 Atlanta CardTec SecurTec(CTST) conference, in a paper presented by Rodney Beatson (one of theauthors of this Application). The paper entitled “The Use of ElectronicSignatures at Point of Service” is incorporated herein by reference. Thepaper advocates the use of the IC card to store the biometric templateand signature, on the IC chip and to release the biometric template tothe POS terminal for the POS terminal to carry out the biometricmatching process. This could lead to compromise of the biometrictemplate whilst in use in the POS terminal. Neither does the paperadvocate the encryption of the biometric template or the authenticsignature using a key rooted in the chip hardware. The current inventionadvocates biometric template and electronic signature encryption and theuse of the IC chip to carry out the matching process. This providesgreater security for the template and authentic signature and is asuperior method. As mentioned earlier, the “1996” method is alsodescribed in U.S. Pat. No. 5,892,824 authored by, inter alia, RodneyBeatson and Mark Kelty, two of the authors of the current invention.

The Signature/Sign Biometric Process

Referring again to FIGS. 2 and 3, appropriate treatment ofSignature/Sign biometric data is described below.

1) Template Building

In an exemplary system of the present invention the template is built bysoftware from users' signs shortly after they are submitted (208). Thesoftware extracts biometric features from the sign data after allocatinga time value to each (X,Y) coordinate value. In the current invention,the electronic sign verification software will:

a) Transform the (X,Y,t) values to (x,y,t) in the manner previouslydescribed (206) and extract m features of the (x,y,t) data, (f₁ . . .f_(m)) in a manner later described.

b) Compare these values with the template stored on the mobile device(208) or transmit the values, suitably encrypted through a -network toan authentication server.

The mobile device software will, for the first N signs, calculate andstore the mean value for each of the features calculated so that iff_(1j) is the j^(th) value of feature 1 from the j^(th) sign for aspecific customer, then —: Mean f_(1j)=Mf_(1j) would be calculated asfollows:Mf ₁₁ after 1 sign=f ₁₁Mf ₁₂ after 2 signs is ((1−a)*Mf ₁₁ +a*f ₁₂)Mf ₁₃ after 3 signs is ((1−a)*Mf ₁₂ +a*f ₁₃) . . . etc.

Where:

for the second sign a=0.5

for the third sign a=0.33

for the 4^(th) sign a=0.25 . . . etc

for the n^(th) sign a=1/n until n=9. Thereafter a=0.1 for all signs.

Mf₂ . . . Mf_(m) will be calculated in a similar manner.

The mobile device software will also calculate and store the meandifference of the feature values from their means as each new sign issubmitted in the following manner.

If the mean difference for feature 1 after j−1 signs is D_(1,j-1), then:D _(1,j) =a*Abs(f _(1j) −Mf _(j-1))+(1−a)*Abs(D _(1,j-1)) where a hasthe values:

for the second sign a=0.5

for the third sign a=0.33

for the 4^(th) sign a=0.25 etc.

for the n^(th) sign a=1/n until n=9. Thereafter a=0.1 for all signs.

Df₂ . . . Df_(m) will be calculated in a similar manner.

As each new sign is added, after the first two, a compatibility test maybe applied to the M values to determine if they are consistent with theprevious M and D values and if not that sign may be eliminated. The newmean estimates (M) of feature values and their differences (D) will bestored as the feature template values for that feature and will be usedin the matching calculation.

The signature/sign template may also contain an electronic copy of theuser's authentic signature, which can be released in encrypted form, inresponse to a local biometric match, to a remote computer system thatwould compare it to an identical electronic copy stored in encryptedform on its system. The authentic electronic signature would consist ofthe (x,y) values only and would be a constant data set in the templateuntil changed by the user. Release of this authentic electronicsignature to a remote computer could be used to accurately and remotelyauthenticate the author of an electronic document or transaction e.g acredit card transaction or other financial transaction.

After the system starts to match each new sign with its template values,the means and mean differences will be updated in the same way aftereach good match. Before (or after) successful enrolment the user mayrecord an electronic version of his authentic signature in the form of avector image to be stored in the template and to be released, whererequired, responsive to a good biometric test. Such an electronicsignature would be unchanged for each release so that any match of itagainst previous or future authentic signatures released in the samemanner would be exact or at least, very close.

How large should N be? In some systems where signs are submittedcarefully, matching can take place after as few as three signs. However,some signs may take more samples to define the template and this iscontrolled by consistency and complexity test parameters and/or aparameter of the system.

2) Feature Matching

-   -   Suppose that, for a particular sign the value of feature i is        f_(i).    -   Suppose the template values for feature i are M_(i) and D_(i)    -   We calculate a mismatch score        sum=S=Sum[w_(i)*(Abs(f_(i)−M_(i))/D_(i))] for i=1 . . . m, where        there are m feature values being measured.

This can be compared against a threshold value T_(m) to generate a matchor a mismatch. The template values (M and D) would be updated for amatch and not for a mismatch. There are a number of different ways tocalculate mismatch distance measurements and we encompass them generallyin this example.

3) Calculating T_(m)

-   -   There are m features with discriminant weightings (w₁ . . .        w_(m)), such that    -   Sum(w_(i))=m, and they contribute to the mismatch score in the        following manner so T_(m) can be set as follows:        T _(m)=Sum(w _(i))+p*sqrt(Sum(w ₁ ²))

where p is a parameter used to set the security level. The lower thevalue of p, the more secure is the system and vice versa. The higher thevalue of p, the more benign is the system and vice versa.

4) Feature Selection

In an exemplary system we envisage the features being selected usingfunctions of the (x,y,t) data as described below:

-   -   a. V(x), where V(x) is the variance of the x-coordinate values        of the transformed sign.    -   b. V(y) where V(y) is the variance of the y-coordinate values of        said transformed sign.    -   c. C(x,y) where C(x,y) is the covariance of the transformed sign        coordinate values    -   d. Total sign time.    -   e. Total in-contact sign time    -   f. Total out-of contact sign time    -   g. Positions of (x,y) turning points with respect to time    -   h. Positions of (x,y) turning points with respect to x-position    -   i. Positions of (x,y) turning points with respect to y-position    -   j. An estimate of total x-distance traveled.    -   k. An estimate of total y-distance traveled    -   l. (x,y) positions of new points of stylus contact with respect        to time.    -   m. New out-of-contact stylus (x,y) positions with respect to        x-position.    -   n. (x,y) positions of new points of stylus contact with respect        to x-position    -   o. (x,y) positions of new out-of-contact stylus positions with        respect to time    -   p. Forehand (x,y) distances    -   q. Backhand (x,y) distances

Forehand movements of the stylus/finger are defined when the x movementand the y movement are either both positive or both negative. Backhandmovements of the stylus/finger are defined when the x movement ispositive and the y movement negative, or vice-versa.

To arrive at an efficient feature set and weights (w_(i)) thatdiscriminate powerfully between authentic signs and fraudulent signs theinventors advocate the method defined in a White Paper authored byRodney Beatson—one of the present inventors—entitled “Feature Selection& Definition in a Biometric System with Many Possible Features IncludingMulti-Modal Features” dated Feb. 8, 2010 and incorporated herein byreference.

The sign verification method described in this invention is given extrastrength by the sign verification accuracy observed in a limitedexperiment conducted on behalf of the INCITS Biometrics M1 committee.The sign data captured in this experiment was later subjected to theanalysis described above in the White Paper with impressive results.

What is claimed is:
 1. A stand-alone computing device, which may also bea mobile device comprising: a processor; a memory; a biometric sensor;optionally, an application specific integrated circuit (ASIC) connectedto or contained within said stand-alone computing device, incorporatingan ASIC processor, an ASIC memory and ASIC software storage, capable ofcausing code-signing, biometric authentication and encryption operationsto take place; a software storage, wherein, upon power-up of the saidstand-alone computing device, and prior to executing at least some ofthe software stored thereon, causes the said processor and the said ASICprocessor, individually or in combination to: check the signed codestored on the said ASIC and the said stand-alone computing device and,responsive to a successful check; generate a device ID from hardwarecharacteristics of said stand-alone computing device and said ASIC;prompt a user to submit a plurality of biometric samples and capturesaid plurality of biometric samples using said biometric sensor;optionally, transform data of said captured biometric samples to aconsistent angle of inclination; biometrically enroll an identity of adevice user by matching said captured biometric samples to each otherand determining a biometric template; obtain a PIN value by one of a)generating said PIN value from hardware characteristics of the saidstand-alone computer and the said ASIC and b) capturing said PIN valueafter being entered on said device; generate a one-way hashed value ofsaid PIN; accept a password from the user after obtaining said PIN;obfuscate said password using said hashed value of said PIN and saiddevice ID, and store the obfuscated password in one of said memory andsaid ASIC memory; generate a first private encryption key using at leastsaid hashed PIN and, optionally, one of said device ID and saidobfuscated password; encrypt said biometric template using said firstprivate encryption key and store the encrypted template in one of thesaid memory and the said ASIC memory; and upon subsequent stand-alonecomputing device power up, the said software and the said ASIC softwarefurther cause the stand-alone computing device processor and the ASICprocessor, individually or in combination to: a) check said signed codestored on the said ASIC and the said stand-alone computing device and,responsive to a successful check: b) generate said device ID fromhardware characteristics of said stand-alone computing device and saidASIC; c) capture a subsequent biometric sample from a user, using saidbiometric sensor; d) decrypt the encrypted template using said firstprivate encryption key; e) de-obfuscate the obfuscated password using atleast said hashed value of said PIN and said device ID f) provide thesaid de-obfuscated password for an authentication process, only if theencrypted template is correctly decrypted and said subsequent biometricsample matches said decrypted template.
 2. The device of claim 1,wherein said device is connected, through a network to a remote computerand said device and said remote computer achieve mutual remotecomputer/device authentication by: a) said remote computer beingconfigured to request an active device user to authenticate to saiddevice using said subsequent biometric sample and said PIN; b) saiddevice being configured to generate a one-way hash value of saidde-obfuscated password provided for authentication; c) said device beingconfigured to communicate encrypted data, including a user credentialover said network, using a symmetrical encryption key, which is afunction of at least one of the one-way hashed value of said providedde-obfuscated password and said device ID; d) said device beingconfigured to further communicate at least said device ID, encryptedwith said symmetrical encryption key, to said remote computer; e) saidremote computer being configured to calculate said symmetricalencryption key, decrypt at least said device ID, and authenticate saiddevice as a legitimate device on said network; f) said remote computerbeing configured to acknowledge the legitimacy of said networkcommunication by encrypting the said hashed password using saidcalculated symmetrical key and communicating said encrypted hashedpassword to said device, g) said device being configured to decrypt saidencrypted hashed password, test the said decrypted hashed password forauthenticity and in response to said test, acknowledge remote computerlegitimacy to remote computer and grant it full access to said device;h) said remote computer being configured to check said device forcompliance with network security policy, if necessary, change parameterdata for acceptability and, if appropriate, release said user credentialto said remote computer, and i) said remote computer being configured togain full access to said device and modify said device according toenterprise security policy when said device does not respond to saidremote computer request.
 3. The device of claim 1 wherein said device isconnected, through a network to a remote computer, said device and saidremote computer achieving mutual remote computer/device authenticationby: a) said remote computer being configured to request an active deviceuser to authenticate to said device using said subsequent biometricsample and said PIN; b) said device being configured to de-obfuscate apreviously-entered, stored, obfuscated, second password which is used torelease a second Private Key to implement a PKI encryption-basedauthentication protocol and encrypted communications between said deviceand the said remote computer, only after successful submission of saidsubsequent biometric sample and PIN, c) said remote computer beingconfigured to gain full access to said device and modify said deviceaccording to enterprise security policy when said device does notrespond to said remote computer request.
 4. The device of claim 3,wherein said device does not contain and is not connected to said ASICand the following tasks are undertaken: a) said device and said remotecomputer achieve mutual remote computer/device authentication by: b)said remote computer being configured to request an active device userto authenticate to said device using said subsequent biometric sampleand said PIN; c) said device being configured to de-obfuscate saidstored, obfuscated, previously-entered second password which is used torelease said second Private Key to implement a PKI encryption-basedauthentication protocol between said device and the said remotecomputer, only after successful submission of said subsequent biometricsample and PIN.
 5. The device of claim 4 where said remote computer isconfigured to gain full access to said device and modify said deviceaccording to enterprise security policy when said device does notrespond to said remote computer request.
 6. The device of claim 1,wherein the said biometric sensor comprises one of a stylus-based screenentry digitizer and a finger-based screen entry digitizer and recordssign input as the biometric sample.
 7. The device of claim 6, whereinsaid biometric samples contain, at least (X,Y) coordinate values,wherein each set of co-ordinate values has one of an associated explicitand inferred time stamp; said biometric template is adaptive; saiddevice being configured to calculate, store, and update biometricfeatures, biometric feature means, and biometric feature variances,wherein said biometric feature means are modified by choosing weightsthat correspond to a large discrimination score measured betweenauthentic and imposter samples; and said device being configured toprompt a user to choose said signs to be one of a secret sign withoutuser feedback and a signature with user feedback.
 8. The device of claim7, wherein said biometric feature means are based on at least one of:V(x), where V(x) is a variance of the x-coordinate values of atransformed sign, V(y), where V(y) is a variance of the y-coordinatevalues of a transformed sign, C(x,y), where C(x,y) is a covariance of atransformed sign coordinate values, total sign time, total in-contactsign time, total out-of contact sign time, positions of (x,y) turningpoints with respect to time, positions of (x,y) turning points withrespect to x-position, positions of (x,y) turning points with respect toy-position, an estimate of total x-distance traveled, an estimate oftotal y-distance traveled, (x,y) positions of new points of styluscontact with respect to time, new out-of-contact stylus (x,y) positionswith respect to x-position, (x,y) positions of new points of styluscontact with respect to x-position, (x,y) positions of newout-of-contact stylus positions with respect to time, Forehand (x,y)distances, and Backhand (x,y) distances.
 9. The device of claim 1,wherein: said biometric template contains an electronic representationof the user's valid signature which is released to electronic documentsrequiring it, said electronic documents subsequently being communicatedto a remote computer storing a valid signature for said user, which isused to check the authenticity of the said electronic representation ofuser's valid signature, requiring an exact or very close match; saidbiometric template includes a time-stamp associated with the last timeit was used to match a biometric sample; said biometric templateincludes an authentication code which is a definitive function of atleast data defining said template; said biometric template contains thenumber of samples contributing to its values.
 10. The device of claim 1,wherein said device does not contain, and is not connected to said ASICand performs the following tasks: upon power-up of the said stand-alonecomputing device, and prior to executing at least some of the saidsoftware stored thereon, the said software causes the said processor to:check the signed code stored on the said stand-alone computing deviceand, responsive to a successful check; generate a device ID fromhardware characteristics of the stand-alone computing device; prompt auser to submit a plurality of biometric samples and capture saidplurality of biometric samples using said biometric sensor; optionally,transform data of said captured biometric samples to a consistent angleof inclination; biometrically enroll an identity of a device user bymatching said captured biometric samples to each other and determining abiometric template; obtain a PIN value by one of capturing said PIN fromsaid user after being entered on said device and generating said PINfrom said Device ID; generate a one-way hashed value of said PIN;generate a first private encryption key using at least said hashed PINencrypt said biometric template using said first private encryption keyand store the encrypted template in the said memory; and, uponsubsequent stand-alone computing device power up, the said softwarefurther causes said stand-alone computing device to: check the signedcode stored on the said stand-alone computing device and, responsive toa successful check: generate said device ID from characteristics of saidstand-alone computing device hardware components; capture a subsequentbiometric sample from a user, using said biometric sensor; submit saidPIN; decrypt the encrypted template using said first private encryptionkey; enable device for further operation only if the said subsequentbiometric sample matches said decrypted template, ensuring that both thecorrect PIN and a correct biometric sample have been submitted and ifeither of them fail, causing the device not to inform the user whetherthe PIN or the biometric sample failed.
 11. The device of claim 10,where the stand alone computer is an IC chip connected to an integratedIC card reader and wherein a user credential is released in thefollowing manner: a) said biometric template and a user credential arestored on an IC card; b) said PIN hashing, template decryption andsubsequent biometric sample-matching processes are undertaken on the ICcard; and c) in response to a correct PIN and biometric sample match,said user credential is released in encrypted form to be compared toinformation stored on a remote computer.
 12. A stand-alone computingdevice comprising; a processor; a memory; a biometric sensor;Optionally, an application specific integrated circuit (ASIC) connectedto or contained within said stand-alone computing device, incorporatingan ASIC processor, an ASIC memory and an ASIC software storage, capableof causing code-signing, biometric authentication and encryptionoperations to take place; a software storage, wherein, upon power-up ofthe said stand-alone computing device, and prior to executing at leastsome of the software stored thereon, causes the said processor and thesaid ASIC processor, individually or in combination to: check the signedcode stored on the said ASIC and the said stand-alone computing deviceand, responsive to a successful check; generate a device ID fromhardware characteristics of said stand-alone computing device and saidASIC; biometrically enroll device users by capturing biometric samples,wherein said biometric samples contain, at least, (X,Y) coordinatevalues, and each set of co-ordinate values having one of an associatedexplicit and inferred time stamp; extract biometric feature values fromsigns made on an electronic signing area of said stand-alone computingdevice, by one of a stylus and a finger, wherein said signs are chosenby the user to be one of, a secret sign without user feedback and asignature with user feedback; verify the identity of a user by matchinga new biometric sample with a previously enrolled biometric template,wherein said biometric template includes an electronic representation ofsaid user's authentic signature and said authentic electronic signatureand said authentic electronic signature is released so that it may becompared with an electronic signature stored on a second computer remotefrom the stand-alone computing device; calculate means of biometricfeatures and modify the said means by weights that correspond to a largediscrimination score measured between authentic and imposter samples;generate a password and password hash from a stored, de-obfuscatedpassword and device ID, wherein said de-obfuscated password is generatedfollowing a PIN generation and biometric sample matching; provide thede-obfuscated password for an authentication process, only if theencrypted template is correctly decrypted and said subsequent biometricsample matches said decrypted template.
 13. The device of claim 12,wherein said device is connected, through a network to a remote computerand said device and said remote computer achieving mutual remotecomputer/device authentication by: a) said remote computer beingconfigured to request an active device user to authenticate to saiddevice; b) said device being configured to communicate encrypted dataover said network using a symmetrical encryption key, which is afunction of the hashed value of said password; c) said device beingconfigured to communicate at least said device ID, encrypted with saidsymmetrical encryption key, to said remote computer; d) said remotecomputer being configured to calculate said symmetrical encryption key,decrypt at least said device ID, and authenticate said device as alegitimate device on said network; e) said remote computer beingconfigured to acknowledge the legitimacy of said network communicationby encrypting one of said hashed password and other known data usingsaid symmetrical key and communicate the encrypted one to said device;f) said device being configured to check the value of one of said hashedpassword and said other known data and in response to said check,acknowledge remote computer legitimacy to remote computer and grant itfull access to said device; g) said remote computer being configured tocheck said device for compliance with network security policy and maychange device parameter data for acceptability and, if appropriate,release a trusted credential; and h) said remote computer beingconfigured, according to security policy, to delete appropriate datafrom said device when said device does not respond to said remotecomputer request.
 14. The device of claim 12, wherein said device isconnected, through a network to a remote computer, said device and saidremote computer achieving mutual remote computer/device authenticationby: a) said remote computer being configured to request an active deviceuser to authenticate to the said device using said subsequent biometricsample and said PIN; b) said device being configured to de-obfuscate thesaid previously entered stored obfuscated second password which is usedto release the said second Private Key to implement a PKI encryption andauthentication protocol between said device and the said remotecomputer, only after successful matching of a subsequent biometricsample and PIN; c) said remote computer being configured to gain fullaccess to said device and modify said device according to enterprisesecurity policy when said device does not respond to said remotecomputer request.
 15. A stand-alone computing device comprising: aprocessor; a memory; a biometric sensor; Optionally, an applicationspecific integrated circuit (ASIC) connected to or contained within saidstand-alone computing device, incorporating an ASIC processor, an ASICmemory and an ASIC software storage, capable of causing code-signing,biometric authentication and encryption operations to take place; asoftware storage, wherein, upon power-up of the said stand-alonecomputing device, and prior to executing at least some of the softwarestored thereon, causes the said processor and the said ASIC processor,individually or in combination to: check the signed code stored on thesaid ASIC and the said stand-alone computing device and, responsive to asuccessful check; generate a device ID from hardware characteristics ofsaid stand-alone computing device and said ASIC; capture a biometricsample from a device user using said biometric sensor; performauthentication with a remote computer using PKI communications and asecond private encryption key, wherein said second private encryptionkey is generated as a function of a previously entered password and saiddevice ID; said software further causing one of the said processor andthe said ASIC processor to perform PKI encryption using at least saidsecond private encryption key; One of said memory and said ASIC memorystoring a biometric template, which is encrypted and decrypted usingsaid first private encryption key; wherein said stand-alone computingdevice is further enabled, in response to a good match between saidbiometric sample and said decrypted biometric template, and accessed byPKI communications software, without said user re-entering a PIN orpassword for device access or for remote computer authentication. 16.The device of claim 15, wherein said ASIC memory stores an electronicrepresentation of said user's authentic electronic signature which, inresponse to a satisfactory biometric match of said biometric sample withsaid biometric template, is released in encrypted form, enablingcomparison with a very close replica of said electronic signature storedremotely on a separate computer.
 17. The device of claim 15, whereinsaid device and said device user authenticate to a remote computer usinga CBEFF patron such as ANSI BioAPI and where the BioAPI payload includesat least said device ID encrypted with said second private encryptionkey.
 18. A stand-alone computing device comprising: a processor; amemory; a biometric sensor integrated into said stand-alone computingdevice; Optionally, an application specific integrated circuit (ASIC)connected to or contained within said stand-alone computing device,incorporating an ASIC processor, an ASIC memory and ASIC softwarestorage, capable of causing code-signing, biometric authentication andencryption operations to take place and; software storage, wherein, uponpower-up of the said stand-alone computing device, and prior toexecuting at least some of the software stored thereon, causes theprocessor and the said ASIC, individually or in combination to: checkthe signed code stored on one of the said ASIC and the said stand-alonecomputing device and, responsive to a successful check; generate adevice ID from characteristics of hardware components of said device;capture a biometric sample from a device user using said biometricsensor; prompt the user to enter a PIN, which is subjected to a one-wayhash function, wherein said hashed PIN is used (optionally inconjunction with said device ID) to generate said first privateencryption key; perform authentication with a remote computer using PKIcommunications with said second private encryption key; one of said ASICmemory and said memory storing a biometric template, which is encryptedand decrypted using said first private encryption key; wherein operationof said stand-alone computing device is further enabled, in response toa good match between said biometric sample and said decrypted biometrictemplate, and accessed by PKI communications software, without said userre-entering a password for device access or for remote computerauthentication.
 19. The device of claim 18, wherein one of said memoryand said ASIC memory stores an electronic representation of said user'sauthentic electronic signature which, in response to a satisfactorybiometric match of said biometric sample with said biometric template,is released in encrypted form enabling comparison with a very closereplica of said electronic signature stored remotely on a separatecomputer.
 20. The device of claim 18, wherein said device and saiddevice user authenticate to a remote computer using a CBEFF patron suchas ANSI BioAPI and where the BioAPI payload includes at least saiddevice ID encrypted with said second private encryption key.